Skip to content

Fix: Escape issue title / description #61

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Apr 25, 2025
Merged

Fix: Escape issue title / description #61

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 4 additions & 1 deletion .github/workflows/trigger-docs-agent.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,5 +10,8 @@ jobs:
- name: Install Python dependencies
run: pip install requests
- name: Trigger UiPath Documentation Agent
env:
Copy link
Member Author

@cristipufu cristipufu Apr 25, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've reviewed the changes in the GitHub workflow file that handles the documentation agent trigger. Here's my feedback:

Changes Overview

The PR modifies the workflow to properly escape the issue title and description before passing them to the documentation agent. This is done by:

  1. Using GitHub's toJson function to properly escape the values
  2. Storing the escaped values in environment variables
  3. Using Python's json.loads() to parse the escaped strings

Positive Aspects

  1. Security Improvement: The change properly handles special characters in issue titles and descriptions, preventing potential command injection or formatting issues
  2. Better Error Handling: Using json.loads() ensures the strings are properly decoded before use
  3. Clean Implementation: Moving the values to environment variables makes the code more readable and maintainable

Suggestions

  1. Consider adding error handling around the json.loads() calls in case the environment variables contain invalid JSON
  2. You might want to add a comment explaining why this escaping is necessary for future maintainers

Code Quality

  • The code follows good practices by separating concerns (escaping/storing values vs using them)
  • The changes make the workflow more robust and secure

Overall, this is a good improvement that fixes a potential issue with special characters in issue titles and descriptions. The implementation is clean and follows best practices. ✅

The PR is ready to be merged from my perspective.

ISSUE_TITLE: ${{ toJson(github.event.issue.title) }}
ISSUE_BODY: ${{ toJson(github.event.issue.body) }}
run: |
python -c "import requests; import json; resp = requests.post('${{ secrets.UIPATH_URL }}/orchestrator_/odata/Jobs/UiPath.Server.Configuration.OData.StartJobs', headers={'Authorization': 'Bearer ${{ secrets.UIPATH_ACCESS_TOKEN }}', 'Content-Type': 'application/json', 'X-UiPath-FolderPath': 'MCP Folder'}, json={'startInfo': {'releaseName': 'github-documentation-agent', 'inputArguments': json.dumps({'messages': [{'role': 'user', 'content': '${{ github.event.issue.title }}\n\n${{ github.event.issue.body }}'}], 'owner': '${{ github.repository_owner }}', 'repo': '${{ github.event.repository.name }}', 'issueNumber': ${{ github.event.issue.number }}})}}); print(f'Status code: {resp.status_code}'); print(f'Response: {resp.text}')"
python -c "import requests; import json; import os; issue_title = json.loads(os.environ['ISSUE_TITLE']); issue_body = json.loads(os.environ['ISSUE_BODY']); content = issue_title + '\n\n' + issue_body; resp = requests.post('${{ secrets.UIPATH_URL }}/orchestrator_/odata/Jobs/UiPath.Server.Configuration.OData.StartJobs', headers={'Authorization': 'Bearer ${{ secrets.UIPATH_ACCESS_TOKEN }}', 'Content-Type': 'application/json', 'X-UiPath-FolderPath': 'MCP Folder'}, json={'startInfo': {'releaseName': 'github-documentation-agent', 'inputArguments': json.dumps({'messages': [{'role': 'user', 'content': content}], 'owner': '${{ github.repository_owner }}', 'repo': '${{ github.event.repository.name }}', 'issueNumber': ${{ github.event.issue.number }}})}}); print(f'Status code: {resp.status_code}'); print(f'Response: {resp.text}')"